Guiding Supply Chain Security in Aeronautic Development
CONTENTS 1 Supply Chain Security Issues in Aerospace ......................................................................... 3 2 Similarities with Supply Chain Security ( SCS ) Issues in Other Domains ................................ 6 3 Crafting a Common Framework to Consistently Assess SCS Risks ........................................ 7 4 Identifying Sources for Assessment Data ......................................................................... 10 5 Driving Down the Breadth and Depth of Topics and Risk Aspects in Scope ........................ 11 6 Automated Approaches to Developing and Defining SoT Profiles ..................................... 12 7 Approaches to Presenting and Reviewing SoT Profiles ..................................................... 13 8 Proof-of-Concept : Assessing a Company Against a Set Profile of Risks .............................. 15
9 Conveying Assessment Findings in a Consumable Manner ............................................... 16 9.1 At-a-Glance Results Illustration – Hierarchical Scoring Heatmaps ........................................ 16
10 Next Steps in SCS Assessments for Aerospace and Avionics in General ............................. 19 11 References ...................................................................................................................... 20 12 Acknowledgements ......................................................................................................... 22
FIGURES
Figure 2-1 : Supply chain flow example .......................................................................................................... 6 Figure 2-2 : Global and United States shipping and cargo routes .................................................................. 7 Figure 3-1 : Hierarchical vocabulary of supplier , supply and service risks . .................................................... 8 Figure 3-2 : Screenshot of MITRE ’ s content creation tool illustrating SoT knowledge .................................. 9 Figure 4-1 : Types of passive and active supply chain security data sources ............................................... 11 Figure 6-1 : Tailor mode of RMM initial screen for making or selecting profiles of System of Trust . ......... 13 Figure 7-1 : Examples of System of Trust content in tabular text and spreadsheet forms .......................... 14 Figure 7-2 : Hierarchical heatmap of profile with many risk factors ............................................................ 15 Figure 9-1 : Hierarchical scoring heatmap of profile with many risk factors . .............................................. 16 Figure 9-2 : Depicting Source Coverage ........................................................................................................ 17 Figure 9-3 : Outline and list of minimal figures and tables for an assessment report ................................. 18 Figure 9-4 : Table version of System of Trust risk factor content . ............................................................... 19
2 August 2024